| 1 |
Summary: |
| 2 |
Make it clearer that a sign-off to a git commit is only required from |
| 3 |
the committer, not from the author. It's only encouraged for the |
| 4 |
authors. |
| 5 |
|
| 6 |
Rationale: |
| 7 |
1. We're actively rejecting contributions from people who do not wish to |
| 8 |
have their real name shown in public, or link it to their Git* |
| 9 |
accounts. |
| 10 |
|
| 11 |
2. We have no way of knowing or confirming whether the given name is |
| 12 |
"legal". I'd rather not have the sign-off from the author in the first |
| 13 |
place than see clearly made up names in there, with a fresh-made Git* |
| 14 |
account with no prior activity. |
| 15 |
|
| 16 |
3. Recently we've had a couple of cases where our long-standing |
| 17 |
contributors, with ~300 commits in total, reveal they've been using |
| 18 |
pseudonyms. I'm sure there are many others. AFAIK all their commits |
| 19 |
should then be revoked, and possibly future contributions rejected |
| 20 |
due to trust issues? |
| 21 |
|
| 22 |
4. As said, there are already devs committing work from people we |
| 23 |
know to have made-up names. And/or there are devs committing patches |
| 24 |
without the sign-off to begin with. |
| 25 |
|
| 26 |
5. The infra git-hooks currently only check for a matching sign-off |
| 27 |
from the committer anyway. |
| 28 |
|
| 29 |
Final words: |
| 30 |
So currently, this GLEP can be interpreted in two different ways: the |
| 31 |
sign-off is and isn't required from the author. This does harm |
| 32 |
towards contributors who work with devs who do require the sign-off |
| 33 |
from the author, and thus the GLEP needs to be updated and enforced |
| 34 |
one way or the other. I vote what benefits our contributors, and |
| 35 |
therefore us, better. |
| 36 |
|
| 37 |
Signed-off-by: Joonas Niilola <juippis@g.o> |
| 38 |
--- |
| 39 |
glep-0076.rst | 15 +++++++++++---- |
| 40 |
1 file changed, 11 insertions(+), 4 deletions(-) |
| 41 |
|
| 42 |
diff --git a/glep-0076.rst b/glep-0076.rst |
| 43 |
index 4aa5ee5..faa760d 100644 |
| 44 |
--- a/glep-0076.rst |
| 45 |
+++ b/glep-0076.rst |
| 46 |
@@ -8,10 +8,11 @@ Author: Richard Freeman <rich0@g.o>, |
| 47 |
Michał Górny <mgorny@g.o> |
| 48 |
Type: Informational |
| 49 |
Status: Active |
| 50 |
-Version: 1.1 |
| 51 |
+Version: 1.2 |
| 52 |
Created: 2013-04-23 |
| 53 |
-Last-Modified: 2018-12-09 |
| 54 |
-Post-History: 2018-06-10, 2018-06-19, 2018-08-31, 2018-09-26 |
| 55 |
+Last-Modified: 2021-07-28 |
| 56 |
+Post-History: 2018-06-10, 2018-06-19, 2018-08-31, 2018-09-26, |
| 57 |
+ 2021-07-28 |
| 58 |
Content-Type: text/x-rst |
| 59 |
--- |
| 60 |
|
| 61 |
@@ -138,7 +139,10 @@ the Certificate of Origin by adding :: |
| 62 |
|
| 63 |
to the commit message as a separate line. The sign-off must contain |
| 64 |
the committer's legal name as a natural person, i.e., the name that |
| 65 |
-would appear in a government issued document. |
| 66 |
+would appear in a government issued document. It's strongly encouraged |
| 67 |
+that the original contribution author also adds their sign-off, to at |
| 68 |
+least indicate they are aware of this GLEP. But it's required only |
| 69 |
+from the committer. |
| 70 |
|
| 71 |
The following is the current Gentoo Certificate of Origin, revision 1: |
| 72 |
|
| 73 |
@@ -301,6 +305,9 @@ iv. The original point (d) has been transformed into a stand-alone |
| 74 |
v. The term "open source" has been replaced by "free software" |
| 75 |
throughout. |
| 76 |
|
| 77 |
+vi. Clarify that a sign-off is only strictly required from the |
| 78 |
+ committer, not from the author. |
| 79 |
+ |
| 80 |
The new point was deemed necessary to allow committing license files |
| 81 |
into the Gentoo repository, since those files usually do not permit |
| 82 |
modification. It has been established that adding a clear provision |
| 83 |
-- |
| 84 |
2.31.1 |
Archives